A survey on DoS/DDoS attacks mathematical modelling for traditional, SDN and virtual networks

Denial of Service and Distributed Denial of Service (DoS/DDoS) attacks have been one of the biggest threats against communication networks and applications throughout the years. Modelling DoS/DDoS attacks is necessary to get a better understanding of their behaviour at each step of the attack process, from the Botnet recruitment up to the dynamics of the attack. A deeper understanding of DoS/DDoS attacks would lead to the development of more efficient solutions and countermeasures to mitigate their impact. In this survey, we present a classification approach for existing DoS/DDoS models in different kinds of networks; traditional networks, Software Defined Networks (SDN) and virtual networks. In addition, this article provides a thorough review and comparison of the existing attack models, in particular we explain, analyze and simulate different aspects of three prominent models; congestion window, queuing, and epidemic models (same model used for corona virus spread analysis). Furthermore, we quantify the damage of DoS/DDoS attacks at three different levels; protocol (Transmission Control Protocol-TCP), device’s resources (bandwidth, CPU, memory), and network (infection and recovery speed).